--- conf.c	2007-12-25 15:46:17.000000000 -0800
+++ new.conf.c	2007-12-25 15:53:10.000000000 -0800
@@ -135,6 +135,7 @@ static int parse_boolean_value(char *);
 static void parse_auth_server(FILE *, char *, int *);
 static int _parse_firewall_rule(char *ruleset, char *leftover);
 static void parse_firewall_ruleset(char *, FILE *, char *, int *);
+static char * _strip_whitespace(char *p1);
 
 static OpCodes config_parse_token(const char *cp, const char *filename, int linenum);
 
@@ -233,43 +234,34 @@ parse_auth_server(FILE *file, char *file
 	ssl_port = DEFAULT_AUTHSERVSSLPORT;
 	ssl_available = DEFAULT_AUTHSERVSSLAVAILABLE;
 	
-	/* Read first line */	
-	memset(line, 0, MAX_BUF);
-	fgets(line, MAX_BUF - 1, file);
-	(*linenum)++; /* increment line counter. */
-
 	/* Parsing loop */
-	while ((line[0] != '\0') && (strchr(line, '}') == NULL)) {
-		/* skip leading blank spaces */
-		for (p1 = line; isblank(*p1); p1++);
-
-		/* End at end of line */
-		if ((p2 = strchr(p1, '#')) != NULL) {
-			*p2 = '\0';
-		} else if ((p2 = strchr(p1, '\r')) != NULL) {
-			*p2 = '\0';
-		} else if ((p2 = strchr(p1, '\n')) != NULL) {
-			*p2 = '\0';
-		}
+	while (fgets(line, MAX_BUF, file)) {
+		(*linenum)++;
+		p1 = _strip_whitespace(line);
+
+		/* if nothing left, get next line */
+		if(p1[0] == '\0') continue;
+
+		/* if closing brace, we are done */
+		if(p1[0] == '}') break;
 
 		/* next, we coopt the parsing of the regular config */
-		if (strlen(p1) > 0) {
-			p2 = p1;
-			/* keep going until word boundary is found. */
-			while ((*p2 != '\0') && (!isblank(*p2)))
-				p2++;
-
-			/* Terminate first word. */
-			*p2 = '\0';
-			p2++;
-
-			/* skip all further blanks. */
-			while (isblank(*p2))
-				p2++;
-			
-			/* Get opcode */
-			opcode = config_parse_token(p1, filename, *linenum);
+		p2 = p1;
+		/* keep going until word boundary is found. */
+		while ((*p2 != '\0') && (!isblank(*p2)))
+		  p2++;
+
+		/* Terminate first word. */
+		*p2 = '\0';
+		p2++;
+
+		/* skip all further blanks. */
+		while (isblank(*p2))
+		  p2++;
 			
+		/* Get opcode */
+		opcode = config_parse_token(p1, filename, *linenum);
+		
 			switch (opcode) {
 				case oAuthServHostname:
 					host = safe_strdup(p2);
@@ -318,12 +310,6 @@ parse_auth_server(FILE *file, char *file
 					exit(-1);
 					break;
 			}
-		}
-
-		/* Read next line */
-		memset(line, 0, MAX_BUF);
-		fgets(line, MAX_BUF - 1, file);
-		(*linenum)++; /* increment line counter. */
 	}
 
 	/* only proceed if we have an host and a path */
@@ -395,41 +381,47 @@ parse_firewall_ruleset(char *ruleset, FI
 			*p2;
 	int		opcode;
 
+	/* find whitespace delimited word in ruleset string.
+	 * this is its name, without left brace '{'
+	 */
+	p1 = strchr(ruleset,' ');
+	if(p1) *p1 = '\0';
+	p1 = strchr(ruleset,'\t');
+	if(p1) *p1 = '\0';
+
 	debug(LOG_DEBUG, "Adding Firewall Rule Set %s", ruleset);
 	
-	/* Read first line */	
-	memset(line, 0, MAX_BUF);
-	fgets(line, MAX_BUF - 1, file);
-	(*linenum)++; /* increment line counter. */
-
 	/* Parsing loop */
-	while ((line[0] != '\0') && (strchr(line, '}') == NULL)) {
-		/* skip leading blank spaces */
-		for (p1 = line; isblank(*p1); p1++);
-
-		/* End at end of line */
-		if ((p2 = strchr(p1, '#')) != NULL) {
-			*p2 = '\0';
-		} else if ((p2 = strchr(p1, '\r')) != NULL) {
-			*p2 = '\0';
-		} else if ((p2 = strchr(p1, '\n')) != NULL) {
-			*p2 = '\0';
-		}
+	while (fgets(line, MAX_BUF, file)) {
+		(*linenum)++;
+		p1 = _strip_whitespace(line);
+
+		/* if nothing left, get next line */
+		if(p1[0] == '\0') continue;
+
+		/* if closing brace, we are done */
+		if(p1[0] == '}') break;
 
 		/* next, we coopt the parsing of the regular config */
-		if (strlen(p1) > 0) {
-			p2 = p1;
-			/* keep going until word boundary is found. */
-			while ((*p2 != '\0') && (!isblank(*p2)))
-				p2++;
-
-			/* Terminate first word. */
-			*p2 = '\0';
-			p2++;
-
-			/* skip all further blanks. */
-			while (isblank(*p2))
-				p2++;
+		p2 = p1;
+		/* keep going until word boundary is found. */
+		while ((*p2 != '\0') && (!isblank(*p2)))
+		  p2++;
+
+		/* if this is end of line, it's a problem */
+		if(p2[0] == '\0') {
+		  debug(LOG_ERR, "Firewall Rule incomplete on line %d in %s", *linenum, filename);
+		  debug(LOG_ERR, "Exiting...");
+		  exit(-1);
+		}
+
+		/* Terminate first word. */
+		*p2 = '\0';
+		p2++;
+
+		/* skip all further blanks. */
+		while (isblank(*p2))
+		  p2++;
 			
 			/* Get opcode */
 			opcode = config_parse_token(p1, filename, *linenum);
@@ -450,12 +442,6 @@ parse_firewall_ruleset(char *ruleset, FI
 					exit(-1);
 					break;
 			}
-		}
-
-		/* Read next line */
-		memset(line, 0, MAX_BUF);
-		fgets(line, MAX_BUF - 1, file);
-		(*linenum)++; /* increment line counter. */
 	}
 
 	debug(LOG_DEBUG, "Firewall Rule Set %s added.", ruleset);
@@ -634,35 +620,37 @@ config_read(char *filename)
 
 	while (!feof(fd) && fgets(line, MAX_BUF, fd)) {
 		linenum++;
-		s = line;
-
-		if (s[strlen(s) - 1] == '\n')
-			s[strlen(s) - 1] = '\0';
-
-		if ((p1 = strchr(s, ' '))) {
-			p1[0] = '\0';
-		} else if ((p1 = strchr(s, '\t'))) {
-			p1[0] = '\0';
-		}
-
-		if (p1) {
-			p1++;
-
-			if ((p2 = strchr(p1, ' '))) {
-				p2[0] = '\0';
-			} else if ((p2 = strstr(p1, "\r\n"))) {
-				p2[0] = '\0';
-			} else if ((p2 = strchr(p1, '\n'))) {
-				p2[0] = '\0';
-			}
-		}
+		s = _strip_whitespace(line);
 
-		if (p1 && p1[0] != '\0') {
-			/* Strip trailing spaces */
+		/* if nothing left, get next line */
+		if(s[0] == '\0') continue;
 
-			if ((strncmp(s, "#", 1)) != 0) {
-				debug(LOG_DEBUG, "Parsing token: %s, "
-						"value: %s", s, p1);
+		/* now we require the line must have form: <option><whitespace><arg>
+		 * even if <arg> is just a left brace, for example
+		 */
+    
+		/* see if there is a whitespace-delimited arg following the option */
+		p1 = s;
+		/* find option end boundary */
+		while ((*p1 != '\0') && (!isspace(*p1))) p1++;
+		/* if this is end of line, it's a problem */
+		if(p1[0] == '\0') {
+		  debug(LOG_ERR, "Option %s requires argument on line %d in %s", s, linenum, filename);
+		  debug(LOG_ERR, "Exiting...");
+		  exit(-1);
+		}
+
+		/* terminate option, point past it */
+		*p1 = '\0';
+		p1++;
+
+		/* skip delimiting whitespace, make p1 point at arg */
+		while (isblank(*p1)) p1++;
+
+		/* now s points at option, p1 points at arg */
+		debug(LOG_DEBUG, "Parsing token: %s, "
+		      "value: %s", s, p1);
+		
 				opcode = config_parse_token(s, filename, linenum);
 
 				switch(opcode) {
@@ -723,8 +711,6 @@ config_read(char *filename)
 					sscanf(p1, "%d", &config.syslog_facility);
 					break;
 				}
-			}
-		}
 	}
 
 	fclose(fd);
@@ -736,19 +722,20 @@ Parses a boolean value from the config f
 static int
 parse_boolean_value(char *line)
 {
-	if (strcasecmp(line, "yes") == 0) {
-		return 1;
-	}
-	if (strcasecmp(line, "no") == 0) {
-		return 0;
-	}
-	if (strcmp(line, "1") == 0) {
-		return 1;
+	if (strcasecmp(line, "no") == 0 ||
+	    strcasecmp(line, "false") == 0 ||
+	    strcmp(line, "0") == 0
+	    ) {
+	  return 0;
 	}
-	if (strcmp(line, "0") == 0) {
-		return 0;
+	
+	if (strcasecmp(line, "yes") == 0 ||
+	    strcasecmp(line, "true") == 0 ||
+	    strcmp(line, "1") == 0
+	    ) {
+	  return 1;
 	}
-
+	
 	return -1;
 }
 
@@ -851,3 +838,23 @@ mark_auth_server_bad(t_auth_serv *bad_se
 	}
 
 }
+
+/** @internal
+ Strip comments and leading and trailing whitespace from a string.
+ Return a pointer to the first nonspace char in the string.
+*/
+static char *
+_strip_whitespace(char *p1)
+{
+	char *p2;
+	/* strip any comment by terminating at first # */
+	p2 = strchr(p1,'#');
+	if(p2) *p2 = '\0';
+	/* strip leading whitespace by pointing p1 past it */
+	while(isspace(p1[0])) p1++;
+	/* strip trailing whitespace by terminating at it */
+	while(p1[0] != '\0' && isspace(p1[strlen(p1)-1]))
+	  p1[strlen(p1)-1] = '\0';
+
+	return p1;
+}